Liveness Settings
Liveness Configuration
Keyless SDK provides three officially-supported configurations for the liveness detection (antispoofing component), listed below from the lowest to the highest level of security:
PASSIVE_STANDALONE_MEDIUM- for testing purposes onlyPASSIVE_STANDALONE_HIGH- for most production use (current SDK default)PASSIVE_STANDALONE_HIGHEST- for higher security production use (RECOMMENDED)
Increasing the security level increases the ability of the system to reject spoof attempts (true positive rate, or TPR). A higher security level also increases the genuine reject rate (false positive rate, or FPR) and the time required by the anti-spoofing module to make a decision.
For most production scenarios, Keyless recommends the use of PASSIVE_STANDALONE_HIGH. This setting offers a good tradeoff between TPR, FPR, and time-to-decision. For scenarios that require a higher security level, we recommend increasing this setting to PASSIVE_STANDALONE_HIGHEST.
Configuring livenessEnvironmentAware
The livenessEnvironmentAware feature enforces stricter environmental checks during the liveness process and can therefore add an additional layer of protection against certain biometric attacks. This is set to false by default from SDK v5.3.3 and above.
Note that we have observed that, on a very limited set of devices, this may prevent some users from authenticating with Keyless altogether and in this case the SDK will return an 20021 error.
For security purposes, we have not described how this liveness feature works in detail. Please contact a member of the Keyless team if you would like to better understand how this feature works and the security/UX trade-offs that we observe with either the true / false setting.
Relax liveness checks for testing purposes
Below follows a liveness configuration example for testing pruposes only should facilitate testing the happy path of "passing the liveness checks".
// ONLY FOR TEST
// Authentication Configuration
val authConfig = BiomAuthConfig(
livenessConfiguration = LivenessSettings.LivenessConfiguration.PASSIVE_STANDALONE_MEDIUM,
livenessEnvironmentAware = false
)
// Enrollment Configuration
val enrollConfig = BiomEnrollConfig(
livenessConfiguration = LivenessSettings.LivenessConfiguration.PASSIVE_STANDALONE_MEDIUM,
livenessEnvironmentAware = false
)
// De-Enrollment Configuration
val deEnrollConfig = BiomDeEnrollConfig(
livenessConfiguration = LivenessSettings.LivenessConfiguration.PASSIVE_STANDALONE_MEDIUM,
livenessEnvironmentAware = false
)// ONLY FOR TEST
// Authentication Configuration
let authConfig = BiomAuthConfig(
livenessConfiguration: Keyless.LivenessConfiguration.passiveStandaloneMedium
livenessEnvironmentAware: false
)
// Enrollment Configuration
let enrollConfig = BiomEnrollConfig(
livenessConfiguration: Keyless.LivenessConfiguration.passiveStandaloneMedium
livenessEnvironmentAware: false
)
// De-Enrollment Configuration
let deEnrollConfig = BiomDeEnrollConfig(
livenessConfiguration: Keyless.LivenessConfiguration.passiveStandaloneMedium
livenessEnvironmentAware: false
)// ONLY FOR TEST
// Authentication Configuration
final authConfig = BiomAuthConfig(
livenessConfiguration: LivenessConfiguration.PASSIVE_STANDALONE_MEDIUM
// livenessEnvironmentAware: false - not available yet
);
// Enrollment Configuration
final enrollConfig = BiomEnrollConfig(
livenessConfiguration: LivenessConfiguration.PASSIVE_STANDALONE_MEDIUM
// livenessEnvironmentAware: false - not available yet
);
// De-Enrollment Configuration
final deEnrollConfig = BiomDeEnrollConfig(
livenessConfiguration: LivenessConfiguration.PASSIVE_STANDALONE_MEDIUM
// livenessEnvironmentAware: false - not available yet
);Last updated
Was this helpful?